package com.feonix.setup.controller;

import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.view.RedirectView;

import com.feonix.common.util.CheckPwdStrong;
import com.feonix.common.util.MD5Util;
import com.feonix.common.util.Properties;
import com.feonix.common.util.StringUtil;
import com.feonix.common.util.VerifyCode;
import com.feonix.common.util.mvc.ControllerUtil;
import com.feonix.common.util.mvc.JsonResult;
import com.feonix.exception.LoginException;

@Controller
@RequestMapping("setup")
public class LogInOutController {
	
	private static final Log logger = LogFactory.getLog(LogInOutController.class);

	/**
	 * setup登录后用户session的key值
	 */
	private final static String SESSION_KEY = "setupuser";

	/**
	 * 配置文件中用户名的key值
	 */
	private final static String SETUP_USERNAME_KEY = "adminName";

	/**
	 * 配置文件中密码的key值
	 */
	private final static String SETUP_PWD_KEY = "adminpw";

	/**
	 * 密码强度等级
	 */
	public final static String SESSION_KEY_PWD_LEVEL = "setupuser_pwd_level";

	/**
	 * 登录显示页
	 * @param response
	 * @return
	 */
	@RequestMapping("login")
	public ModelAndView login(HttpServletResponse response) {
		ModelAndView modelAndView = new ModelAndView("setup/login");
		modelAndView.addObject("username", ControllerUtil.getCookieValue(SESSION_KEY));
		modelAndView.addObject("url", "doLogin");
		return modelAndView;
	}

	/**
	 * 登录逻辑方法
	 * @param userName
	 * @param password
	 * @param randCode
	 * @param session
	 * @param response
	 * @return
	 */
	@RequestMapping("doLogin")
	@ResponseBody
	public JsonResult doLogin(@RequestParam(value = "username", required = true) String userName,
			@RequestParam(value = "password", required = true) String password,
			@RequestParam(value = "randcode", required = true) String randCode, HttpSession session,
			HttpServletResponse response) {
		JsonResult jsonResult = JsonResult.getInstance();
		try {
			if (StringUtil.isEmpty(userName)) {
				throw new LoginException("setup.login.username.empty");
			}
			if (StringUtil.isEmpty(password)) {
				throw new LoginException("setup.login.password.empty");
			}
			if (StringUtil.isEmpty(randCode)) {
				throw new LoginException("setup.login.randcode.empty");
			}
			if (!StringUtil.equalsIgnoreCase(randCode, StringUtil.getString(session.getAttribute("setup_rand")))) {
				throw new LoginException("login.randcode.error");
			}
			Properties properties = getSetupProp();
			if (!(StringUtil.equals(userName, properties.getString(SETUP_USERNAME_KEY))
					&& StringUtil.equals(MD5Util.encodePwd(password), properties.getString(SETUP_PWD_KEY)))) {
				throw new LoginException("login.error");
			}
			ControllerUtil.addCookie(response, SESSION_KEY, properties.getString(SETUP_USERNAME_KEY), 60 * 60 * 24 * 7);
			session.setAttribute(SESSION_KEY, properties.getString(SETUP_USERNAME_KEY));
			session.setAttribute(SESSION_KEY_PWD_LEVEL, CheckPwdStrong.check(password));
			jsonResult.setSuccess(true);
		} catch (Exception e) {
			jsonResult.setMessage(e.getMessage());
		} finally {

		}
		return jsonResult;

	}

	private Properties getSetupProp() {
		String dbProp = LogInOutController.class.getClassLoader().getResource("pub/config/").getPath()
				+ "setup.properties";
		Properties properties = new Properties(dbProp);
		return properties;
	}

	@RequestMapping("verifyCode")
	@ResponseBody
	public String showVerifyCode(HttpSession session, HttpServletResponse response) {
		String verifyCode = "";
		try {
			verifyCode = VerifyCode.generate(response, "setup_rand");
		} catch (Exception e) {
			logger.error("验证码生成出错error:", e);
		}
		return verifyCode;
	}
	
	@RequestMapping("logout")
	public ModelAndView logout(HttpSession session) {
		session.invalidate();
		ModelAndView modelAndView = new ModelAndView();
		RedirectView redirectView = new RedirectView("login");
		modelAndView.setView(redirectView);
		return modelAndView;
	}

}
